Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

 According to Reuters, the U.S. government has warned ships sailing off Yemen’s coast of the risk of al Qaeda attacks similar to a suicide bombing of the U.S. warship Cole in 2000 that killed 17 U.S. sailors. A Transportation Department statement said more sophisticated methods of attack in the waters could include missiles or projectiles. (See item 22)

22. March 22, Reuters – (International) U.S. warns ships off Yemen of possible al Qaeda attack. The U.S. government has warned ships sailing off Yemen’s coast of the risk of al Qaeda attacks similar to a suicide bombing of the U.S. warship Cole in 2000 that killed 17 U.S. sailors. The U.S. Office of Naval Intelligence said on its website that ships in the Red Sea, the strategic Bab al-Mandab strait between Yemen and Djibouti, and the Gulf of Aden along Yemen’s coast were at the greatest risk. “Information suggests that al Qaeda remains interested in maritime attacks in the Bab al-Mandab Strait, Red Sea, and the Gulf of Aden along the coast of Yemen,” the office said in a statement, citing an advisory by the U.S. Department of Transportation. “Although it is unclear how they would proceed, it may be similar in nature to the attacks against the USS Cole in October 2000 and the M/V Limburg in October 2002 where a small to mid-size boat laden with explosives was detonated,” it added. The Transportation Department statement said more sophisticated methods of attack by Al Qaeda in the waters near Yemen could include missiles or projectiles. The U.S. advisory, dated March 10, said more sophisticated methods of attack by Al Qaeda in the waters near Yemen could include missiles or projectiles. “Although the time and location of such an attack are unknown, ships in the Red Sea, Bab al-Mandab Strait, and the Gulf of Aden along the coast of Yemen are at the greatest risk of becoming targets of such an attack,” the statement said. “All vessels transiting the waters in the vicinity of Yemen are urged to operate at a heightened state of readiness,” it said, adding that vessels were at greatest risk in areas of limited maneuverability or while anchored or at port. Source: http://www.reuters.com/article/idUSTRE62L11K20100322

 CNN reports that Democratic offices in at least three states have reported instances of vandalism that party members say possibly were tied to Sunday’s historic vote on health care reform. (See item 40)

40. March 22, CNN – (National) Vandalism reported at offices of three Democrats. Democratic offices in at least three states have reported instances of vandalism that party members say possibly were tied to Sunday’s historic vote on health care reform. Early Monday morning, a glass panel at the Tucson office of a U.S. Democratic Representative was shattered, a spokesman said. It was not clear how the window was shattered, but visitors have to go through a gated courtyard to enter the office, and staffers suspect someone may have shot a pellet gun at the glass, he said. Nothing was taken from the congresswoman’s office, he said, adding that staffers believe the incident was linked to the health care vote in Washington. In upstate New York, two similar incidents were reported before Sunday night’s vote, according to CNN affiliate WHEC. A brick was thrown through the window of the Monroe County Democratic Committee headquarters in Rochester, and another was tossed through a window of a Democratic Representative’s office in Niagara Falls early March 19. No one was injured in either incident in New York. The Representative told WHEC that her Niagara Falls offices have recently received threatening phone calls. Authorities investigating the incidents have not officially confirmed the link to the health care vote. Another incident was reported earlier in the weekend by the Sedgwick County Democratic Party in Kansas. The party executive director told CNN that a brick with anti-Obama and anti-health care messages was thrown at the headquarters sometime late March 19 or early March 20. Nothing was taken, and no one was injured, she said, adding that a bakery next door called police. The director mentioned that a recent post on a blog encouraged people to throw bricks at local Democratic offices nationwide. The Alabama-based blog, called “Sipsey Street Irregulars,” says it has launched a “window war” against Democrats and has kept a tally of the recent incidents of damage, including the ones in New York and Kansas. Source: http://www.cnn.com/2010/POLITICS/03/22/pols.dems.vandalized/

Details

Banking and Finance Sector

12. March 23, WCPO 9 Cincinnati – (Ohio) Fifth Third data breach means new debit cards. Another week, another data breach affecting some Cincinnati area bank customers. This time, however, it’s not PNC/National City customers affected, but rather some customers of Fifth Third bank. 9News has learned that Fifth Third is sending out new debit cards to what the bank says is a “limited number” of customers. It will not say if that means dozens or thousands. However, Fifth Third confirms to us a data breach at a third party vendor has put some of its debit card numbers at risk. As a result, the bank is sending new cards to affected customers. It says no one has suffered any losses, and there’s no risk of identity theft. Source: http://www.wcpo.com/news/local/story/Fifth-Third-Data-Breach-Means-New-Debit-Cards/kK06tllO8kGM7vSFIUGwww.cspx

13. March 23, Washington Examiner – (Virginia) Thieves use ATM skimming device, steal $60,000. Thieves used a skimming device at an Alexandria bank’s automated teller machine to steal account information and make more than $60,000 in fraudulent charges, police said. The device was discovered last month by an engineer at a Wachovia bank. The engineer took photos of the skimmer and went inside the bank to notify security officials. When the engineer returned, the skimmer had been removed. Customers have reported more than $60,000 in illegal charges on their bank cards. Source: http://www.washingtonexaminer.com/local/crime/Thieves-use-ATM-skimming-device_-steal-_60_000-88858032.html

14. March 23, Mansfield News Journal – (Ohio) Credit card scam targets Verizon users. Local banks and the Bucyrus Police Department were flooded with weekend calls about a credit and debit card scam. Residents have reported receiving calls on their cell phones from unknown callers, asking for debit and credit card information to reactivate cards that have been deactivated because of suspicious activity. “We received several calls over the weekend from residents reporting the scam along with calls from United Bank, Firelands, Farmer Citizens and People’s Savings and Loan,” said a Bucyrus police dispatcher. “The scam seems to be targeting Verizon cell phone users. We have turned over the investigation to the (Federal Bureau of Investigation) at this point.” Source: http://www.mansfieldnewsjournal.com/article/20100323/NEWS01/3230310

15. March 22, Yakima Herald-Republic – (Washington) Bank bomb threat was result of international scam. Federal investigators said on March 22 that a bomb threat at a downtown bank last week was part of an international fraud scheme that went dangerously awry. A 38-year-old Sunnyside man initially taken into custody Thursday at Bank of America was likely the victim of “a dangerous twist on an increasingly common fraud scheme,” said the supervisory senior resident agent of the FBI’s Spokane office. The man, who has since been released, apparently fell for a fraud that used text messages and cellular phone calls from a foreign country telling him that he’d won an international lottery or cash prize, the agent said. To claim the prize, he wired the callers money, supposedly for taxes, the agent said. On March 18, he went to the bank to set up an account to receive his expected winnings, the agent said. While there, he handed his cell phone to a teller while the con artist was on the line. When the caller realized that bank employees suspected foul play, he made a bomb threat, possibly out of spite, the agent said. Source: http://www.yakima-herald.com/stories/2010/03/22/bank-bomb-threat-was-result-of-international-scam-gone-wrong

Information Technology

46. March 22, The Register – (International) Botnet pierces Microsoft Live through audio captchas. The prolific Pushdo spam botnet has found a new way to penetrate Microsoft’s Live.com by exploiting weaknesses in the audio captchas designed to prevent automated scripts from accessing the popular email service. A new version of the bot causes infected PCs to pull down Live.com audio captchas and return the correct response within 10 seconds, according to a researcher at anti-virus firm Webroot. The attack allows the zombie machines to send email through accounts with a Live.com address, which are whitelisted by many spam filters. The technique offers spammers an alternative to sending spam through open mail relays, which are often blacklisted. The attack is the latest to target captchas, the puzzles that websites use to ensure that email and forms are completed by humans rather than automated scripts. Captchas require a person to recognize a series of distorted characters that are hard for computers to read using optical character recognition programs. Audio captchas, which are available in the event the user is visually impaired, work in much the same way except that characters are verbally recited amid background static and other noise. Source: http://www.theregister.co.uk/2010/03/22/microsoft_live_captcha_bypass/

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"